Tag:命令注入

Tag (命令注入)'s result:

dvwa1.9之Command Injection

Low: 源码: <?php if( isset( $_POST[ ‘Submit’ ] ) ) { // Get input $target = $_REQUEST[ ‘ip’ ]; // Determine OS and execute the ping command. if( stristr( php_uname( ‘s’ ), ‘Windows NT’ ) ) { // Windows $cmd = shell_exec( ‘ping ‘ . $target ); } else { // *nix $cmd = shell_exec( ‘ping -c 4 ‘ . $target ); } // Feedback for the end user echo “<pre>{$cmd}</pre>”; } ?> 对参数ip没任何过滤 127.0.0.1&&net user   Medium: 源码: <?php if( isset( $_POST[ ‘Submit’ ] ) ) { // Get input $target = $_REQUEST[ ‘ip’ ]; // Set blacklist $substitutions = array( ‘&&’ => ”, ‘;’ => ”, ); // Remove any of the charactars in the array (blacklist). $target = str_replace( array_keys( $substitutions ), $substitutions, $target ); // Determine OS and execute the ping command. if( stristr( php_uname( ‘s’ ), ‘Windows NT’ ) ) { // Windows $cmd = shell_exec( ‘ping ‘ . $target ); } else { // *nix $cmd = shell_exec( ‘ping -c 4 ‘ . $target );……